<?php

// Navigation menu, keyed by a 1-based position. Every entry carries a display
// name, two image file names (pic1 / pic2) and the script the entry links to.
$MENU_ARY = array(
    1 => array(
        'name' => 'product',
        'pic1' => 'nav1.gif',
        'pic2' => 'nav11.gif',
        'url'  => 'product.php',
    ),
    2 => array(
        'name' => 'customer',
        'pic1' => 'nav2.gif',
        'pic2' => 'nav21.gif',
        'url'  => 'customer.php',
    ),
    3 => array(
        'name' => 'media',
        'pic1' => 'nav3.gif',
        'pic2' => 'nav31.gif',
        'url'  => 'media.php',
    ),
    4 => array(
        'name' => 'system',
        'pic1' => 'nav4.gif',
        'pic2' => 'nav41.gif',
        'url'  => 'system.php',
    ),
    5 => array(
        'name' => 'my account',
        'pic1' => 'nav5.gif',
        'pic2' => 'nav51.gif',
        'url'  => 'myaccount.php',
    ),
    6 => array(
        'name' => 'user',
        'pic1' => 'nav6.gif',
        'pic2' => 'nav61.gif',
        'url'  => 'user.php',
    ),
);

// Spreadsheet column heading => field name.
// NOTE(review): the field names are presumably product-table columns; the code
// that consumes this map is not in this file. If the values are ever spliced
// into SQL, they must only come from this fixed list, never from the uploaded
// sheet itself.
$excel_sql_ary = array(
    // identification and flags
    'Item#'         => 'code',
    'Product name'  => 'name',
    'Show'          => 'hidden_flag',
    'New'           => 'new_flag',
    'Remarks'       => 'comment',

    // pictures
    'Big Pic'       => 'pic',
    'Small Pic'     => 'small_pic',

    // price columns
    'DCP'           => 'price_2',
    'MCP'           => 'price_1',
    'HKD'           => 'price_3',

    // dimensions, centimetres
    'W [cm]'        => 'width',
    'D [cm]'        => 'length',
    'H [cm]'        => 'height',
    'Cbm'           => 'cbm',

    // dimensions, inches
    'W [in]'        => 'width2',
    'D [in]'        => 'length2',
    'H [in]'        => 'height2',
    'Cuft'          => 'cuft',

    // materials shown
    'Finish Shown'  => 'finishshown',
    'Fabric Shown'  => 'fabricshown',
    'Leather Shown' => 'leathershown',
    'Marble Shown'  => 'marbleshown',
);
// Spreadsheet headings for the category columns => field name.
// (The original comment on this line was lost to a character-encoding error.)
$excel_category_column = array(
    'Category' => 'category_id',
    'Seq'      => 'seq',
);

// Admin permission check
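/**
 * Decide whether the current request carries a valid admin login cookie.
 *
 * Reads the 'AdminUser' cookie, decodes it with StrCode() and splits it on
 * tabs. checkpass()/SafeCheck() index the result as [0], [1] and [2], so a
 * cookie that decodes to fewer than three fields is rejected here instead of
 * being passed on with missing indexes.
 *
 * Side effect: the global $admin_name is set to the user name from the cookie,
 * but only after checkpass() has accepted the cookie. On every failure path it
 * is left as the empty string, so code that reads $admin_name never sees a
 * name taken from an unverified, client-supplied cookie.
 *
 * @return bool true when the cookie verifies, false otherwise
 */
function checkAdmin() {
    global $admin_name;
    $admin_name = "";

    $AdminUser = GetCookie('AdminUser');
    if (!$AdminUser) {
        return false;
    }

    // Everything below comes from the browser; treat it as untrusted until
    // checkpass() has verified it.
    $CK = explode("\t", StrCode($AdminUser, 'DECODE'));
    if (count($CK) < 3) {
        return false;
    }

    if (!checkpass($CK)) {
        return false;
    }

    $admin_name = stripcslashes($CK[1]);
    return true;
}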

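/**
 * Verify a decoded admin cookie against the stored password of a type-10 user.
 *
 * Looks up the password column for the user name in $CK[1] and hands the
 * cookie plus PwdCode(password) to SafeCheck().
 *
 * SECURITY (review): $CK[1] comes from a client-supplied cookie and is placed
 * into the SQL text as-is. StrCode() only obfuscates the cookie; it does not
 * prove the value was produced by this application. This query must be moved
 * to the database wrapper's bound-parameter API. That API is not visible in
 * this file, so the statement is left unchanged here; do not treat quoting
 * helpers such as addslashes() as a substitute, since they depend on the
 * connection character set.
 *
 * @param array $CK decoded cookie fields; [0], [1] and [2] are read downstream
 * @return bool true when the cookie verifies, false otherwise
 */
function checkpass($CK){
    global $db;

    // SafeCheck() reads $CK[0] and $CK[2] and the query reads $CK[1]; refuse
    // anything that does not have all three.
    if (!is_array($CK) || count($CK) < 3) {
        return false;
    }

    // SECURITY (review): cookie-derived value interpolated into SQL, see above.
    $sql = "SELECT password FROM user WHERE username='$CK[1]' AND type = 10";
    $rt = $db->get_one($sql);

    // No matching admin row (or an empty stored password) must fail outright.
    // Without this check the token would be compared against PwdCode() of an
    // empty value, which does not depend on any account secret.
    if (empty($rt) || !isset($rt['password']) || $rt['password'] === '') {
        return false;
    }

    return SafeCheck($CK, PwdCode($rt['password'])) ? true : false;
}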

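/**
 * Validate a decoded login cookie and, when valid, re-issue it with a fresh
 * timestamp (sliding expiry).
 *
 * Cookie layout as used here: $CK[0] = issue timestamp, $CK[2] =
 * md5($PwdCode . $CK[0]). The cookie is accepted when the timestamp is a
 * plain decimal number, its age is between 0 and $expire seconds, and the
 * token matches. On any failure the cookie named $var is cleared.
 *
 * Changes from the previous version:
 *  - the token is compared as a string in constant time (hash_equals() when
 *    available, strict === otherwise) instead of with loose !=, which treats
 *    numeric-looking strings as numbers;
 *  - timestamps in the future are rejected; previously a negative age always
 *    passed the expiry test;
 *  - missing or non-numeric fields are rejected up front instead of reaching
 *    the arithmetic;
 *  - the unused variable-variable assignment was dropped.
 *
 * NOTE(review): md5 over a password-derived value is a weak construction for
 * a session token; a server-side session or an HMAC with a dedicated secret
 * would be the durable fix, but that changes the cookie format shared with
 * the login code, which is not in this file.
 *
 * @param array  $CK      decoded cookie fields
 * @param string $PwdCode value from PwdCode() for the account being checked
 * @param string $var     cookie name to clear or refresh
 * @param int    $expire  maximum accepted age in seconds
 * @return bool true when the cookie was valid and has been refreshed
 */
function SafeCheck($CK,$PwdCode,$var='AdminUser',$expire=1800){
    global $timestamp;

    $valid = is_array($CK)
        && isset($CK[0], $CK[2])
        && ctype_digit((string)$CK[0]);

    if ($valid) {
        $age      = $timestamp - (int)$CK[0];
        $expected = md5($PwdCode . $CK[0]);
        $supplied = (string)$CK[2];
        $matches  = function_exists('hash_equals')
            ? hash_equals($expected, $supplied)
            : $expected === $supplied;
        $valid = $age >= 0 && $age <= $expire && $matches;
    }

    if (!$valid) {
        Cookie($var, '', 0);
        return false;
    }

    // Slide the expiry window: same fields, new timestamp and matching token.
    $CK[0] = $timestamp;
    $CK[2] = md5($PwdCode . $timestamp);
    Cookie($var, StrCode(implode("\t", $CK)));
    return true;
}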

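/**
 * Derive the per-client value that login tokens are built from.
 *
 * Returns md5(User-Agent . $pwd . $GLOBALS['db_hash']). A request without a
 * User-Agent header is treated as having an empty one, so the function no
 * longer raises an undefined-index warning for such clients; the result is
 * the same as before.
 *
 * NOTE(review): the User-Agent is chosen by the client, so binding to it adds
 * no secrecy; the only secret input is db_hash. db_hash is read without a
 * guard on purpose, so a missing secret stays visible as a warning rather
 * than silently becoming an empty key.
 *
 * @param string $pwd stored password value for the account
 * @return string 32-character lowercase hex digest
 */
function PwdCode($pwd){
    $agent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : '';
    return md5($agent . $pwd . $GLOBALS['db_hash']);
}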

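/**
 * Obfuscate or de-obfuscate a string with a repeating 18-character XOR key.
 *
 * The key is characters 8..25 of md5(User-Agent . $GLOBALS['db_hash']).
 * With $action 'ENCODE' the input is XORed and then base64-encoded; with
 * 'DECODE' it is base64-decoded and then XORed. Any other $action value keeps
 * the original behaviour (decode on the way in, encode on the way out).
 *
 * A request without a User-Agent header is treated as having an empty one,
 * so the function no longer raises an undefined-index warning; output for
 * all inputs is unchanged.
 *
 * SECURITY (review): this is obfuscation, not encryption and not
 * authentication. A short repeating XOR key gives no integrity protection,
 * so callers must treat decoded output as untrusted input and verify it
 * separately (SafeCheck() does this for the login cookie). Replacing it with
 * an authenticated scheme changes the cookie format and has to be done
 * together with the code that issues the cookie.
 *
 * @param string $string text to transform
 * @param string $action 'ENCODE' (default) or 'DECODE'
 * @return string transformed text
 */
function StrCode($string,$action='ENCODE'){
    $agent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : '';
    $key   = substr(md5($agent . $GLOBALS['db_hash']), 8, 18);

    $input  = (string)($action == 'ENCODE' ? $string : base64_decode($string));
    $keyLen = strlen($key);
    $inLen  = strlen($input);   // hoisted: was re-evaluated on every iteration

    $code = '';
    for ($i = 0; $i < $inLen; $i++) {
        $code .= $input[$i] ^ $key[$i % $keyLen];
    }

    return $action == 'DECODE' ? $code : base64_encode($code);
}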

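/**
 * Generate an initial password for a customer account.
 *
 * Format (unchanged): one prefix letter ('c' when $type is 2, otherwise 'w'),
 * three characters from a look-alike-free alphabet (no l, 0 or 1), then a
 * number from 1000 to 9999; eight characters in total.
 *
 * The characters are now drawn with random_int(), a cryptographically secure
 * source, when it is available. shuffle() and rand() are not suitable for
 * generating credentials because their output can be predicted. On runtimes
 * without random_int() the previous method is kept so the function still
 * works. With random_int() the three characters are drawn independently, so
 * a character may repeat.
 *
 * NOTE(review): the format allows only about 3.2e8 distinct values. Treat the
 * result as a temporary password: force a change at first login and
 * rate-limit login attempts.
 *
 * @param int|string $type 2 for the 'c' prefix, anything else for 'w'
 * @return string generated password
 */
function getPassword($type=2) {
    $prefix   = $type == 2 ? "c" : "w";
    $alphabet = 'abcdefghijkmnopqrstuvwxyz23456789';

    if (function_exists('random_int')) {
        $last = strlen($alphabet) - 1;
        $body = '';
        for ($i = 0; $i < 3; $i++) {
            $body .= $alphabet[random_int(0, $last)];
        }
        return $prefix . $body . random_int(1000, 9999);
    }

    // Legacy runtime without a CSPRNG: previous behaviour.
    $chars = str_split($alphabet);
    shuffle($chars);
    return $prefix . $chars[1] . $chars[2] . $chars[3] . rand(1000, 9999);
}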

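/**
 * Choose the URL to send the browser back to.
 *
 * The Referer header is used only when it is an http(s) URL whose host equals
 * the host of the current request. The header is supplied by the client, and
 * following it unconditionally lets any external page decide where these
 * helpers redirect. Anything else falls back to the current script.
 *
 * @return string URL of the referring page on this host, or the current script
 */
function _goPageReturnUrl() {
    global $PHP_SELF;

    if (!empty($PHP_SELF)) {
        $self = $PHP_SELF;
    } else {
        // $PHP_SELF only exists as a global on register_globals-style setups.
        $self = isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : '/';
    }

    if (empty($_SERVER['HTTP_REFERER']) || empty($_SERVER['HTTP_HOST'])) {
        return $self;
    }

    $parts = parse_url($_SERVER['HTTP_REFERER']);
    $host  = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);   // drop any port

    $sameSite = is_array($parts)
        && isset($parts['scheme'], $parts['host'])
        && in_array(strtolower($parts['scheme']), array('http', 'https'), true)
        && strcasecmp($parts['host'], $host) === 0;

    return $sameSite ? $_SERVER['HTTP_REFERER'] : $self;
}

/**
 * Append one already-encoded "key=value" pair to a URL.
 *
 * Uses strpos() !== false so a '?' at offset 0 is still recognised; the old
 * truthiness test treated that position as "no query string".
 */
function _goPageAppendQuery($url, $pair) {
    return $url . (strpos($url, '?') !== false ? '&' : '?') . $pair;
}

/**
 * Redirect the browser to $url and stop the script.
 *
 * Every byte outside the URL-safe ASCII set is percent-encoded first. That
 * removes quotes, angle brackets, backslashes, whitespace and control
 * characters, so the value cannot break out of the Location header or out of
 * the quoted JavaScript string used when headers have already been sent.
 * Existing %XX sequences are left alone, so already-encoded URLs are not
 * changed.
 */
function _goPageRedirect($url) {
    $safe = preg_replace_callback(
        '/[^A-Za-z0-9\-._~:\/?#\[\]@!$&()*+,;=%]/',
        function ($m) { return rawurlencode($m[0]); },
        $url
    );

    if (!headers_sent()) {
        header("LOCATION:" . $safe);
        exit;
    }

    // Headers are gone already; fall back to a client-side redirect.
    echo "<script>location.href='" . $safe . "';</script>";
    exit;
}

/**
 * Return to the referring page, optionally passing a message.
 *
 * When $msg is not empty it is added as the URL-encoded query parameter
 * alert_message. The script always terminates.
 *
 * NOTE(review): whichever page renders alert_message must HTML-escape it,
 * since the parameter can be set by anyone who crafts a link.
 *
 * @param string $msg message for the target page, '' for none
 */
function goFromPage($msg = '') {
    $from_url = _goPageReturnUrl();

    if (!empty($msg)) {
        $from_url = _goPageAppendQuery($from_url, "alert_message=" . urlencode($msg));
    }

    _goPageRedirect($from_url);
}

/**
 * Return to the referring page with an id parameter appended.
 *
 * $id is URL-encoded before it is appended; for numeric ids this yields the
 * same URL as before. The script always terminates.
 *
 * @param int|string $id record id to pass along
 */
function goEditPage($id) {
    $from_url = _goPageAppendQuery(_goPageReturnUrl(), "id=" . urlencode((string)$id));

    _goPageRedirect($from_url);
}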

?>